Added by Chris M Scott over 1 year ago. Updated about 1 year ago.
100%
Description
You can select interface networks as a source/destination. It would be useful to be able to select an interface group as well for total abstraction
Related issues
Updated by Chris M Scott over 1 year ago
You can select interface networks as a source/destination. It would be useful to be able to select an interface group as well for total abstraction and a singe source of truth
Updated by Marcos M over 1 year ago
Updated by Marcos M over 1 year ago
Updated by Marcos M over 1 year ago
Updated by Lev Prokofev over 1 year ago
Tested on
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT
Option to choose "interface group" network appears in the firewall rules, pfctl shows created rules after a filter reload
pass in quick on igb1 inet proto tcp from 10.0.10.0/24 to any flags S/SA keep state label "USER_RULE" label "id:1690478259" ridentifier 1690478259
pass in quick on igb1 inet proto tcp from 192.168.10.0/24 to any flags S/SA keep state label "USER_RULE" label "id:1690478259" ridentifier 1690478259
USER_RULE id:1690478259 114 0 0 0 0 0 0 0
USER_RULE id:1690478259 14 0 0 0 0 0 0 0
Updated by Georgiy Tyutyunnik over 1 year ago
tested on:
Version 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURRENT
Version 23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT
works solid. you can refer to the interface group networks even if some members don't have a subnet on them, and it doesn't break anything
Updated by Marcos M over 1 year ago
Applied in changeset 9fbd5798a3d76b36e6cc37debc5a37d382977a78.
Updated by Marcos M over 1 year ago
Updated by Jim Pingle about 1 year ago
Updated by Marcos M 10 months ago